June 25, 2024

Online shopping, despite being convenient, also comes with its own set of challenges, especially from unrecognized outlets. An unnoticed risk during such transactions could result in cybercriminals acquiring your card details.

Germany-based cybersecurity company, SRLabs, recently exposed a massive fake online scamming network called ‘BogusBazaar’. This network conned over 850,000 people into purchasing phony products worth about $50 million during its three-year run.

According to BleepingComputer, customers lured into these fictitious stores not only lost money but also had their card information stolen. This card information was later sold on the dark web. For regular and occasional online shoppers, it’s essential to be aware of such scam networks and how to safeguard themselves.

Expired domains and the creation of fraudulent online stores

(Image credit: SRLabs)

In a report by SRLabs, majority of the victims of BogusBazaar are based in the U.S or Western Europe, with hardly any victims hailing from China, the likely base of BogusBazaar’s operation.

From 2021, the fraudsters behind BogusBazaar have set up over 75,000 fake online shops on formerly expired, well-reputed domains that appear in search engine results. These fraudulent stores often portray themselves as selling footwear and other apparel at significantly reduced prices. They also use unique logos and names to seem credible.

This operation doesn’t only run on fake stores but also uses legitimate payment processing services such as PayPal, Stripe, etc., to deceive customers and pilfer their money and data. They accomplish this via custom WooCommerce WordPress plugins, which is a WordPress plugin often employed by top website builders to transform sites into online stores.

The BogusBazaar operation works on an infrastructure-as-a-service model where a central team manages the system while the fake stores are independently operated by a vast network of franchisees.

Being predominantly based in the U.S, it’s widely projected that it’s only a matter of time before governmental agencies disrupt this operation and put an end to it.

(Image credit: Shutterstock)

Albeit wanting to support budding online businesses, scams like this would cause one to reconsider purchasing from unfamiliar sources. One way to ensure safety online is through sourcing products from reputable online retailers such as Amazon, Best Buy, or Walmart. However, finding unique products might prove challenging.

If one chooses to transact with an unknown online shop, it is important to verify the contact details, scrutinize the return policy, look for trust seals, check other sections of the site, and inspect its social media presence to ascertain credibility.

As BleepingComputer indicates, the fake stores under the BogusBazaar operation use a common template, where original product prices are struck off and replaced with massively discounted prices.

One must look out for customer reviews as part of their due diligence and make use of an online shopping checker like ones offered by F-Secure or Bitdefender’s Scamio. Some other warning signs include spelling errors in the URL, pixelated images, poor site design, and an overly complicated or non-existent return policy.

A significant red flag, however, is highly discounted prices. If any deal seems too good, it probably isn’t legitimate. Thus, comparing prices with other online stores before committing to buying a product is key to being safe from scams.

Fraudsters have been using deceptive online stores alongside malicious apps and phishing attacks to fool unwitting shoppers for years. The onus is on you to examine these fraudulent promises and avoid instances where a seemingly attractive deal ends up compromising your card information or stealing your identity.

Frequently Asked Questions

How to Protect Yourself from Online Shopping Scams?

There are several ways to stay safe from online shopping scams. Ascertain the reputation of the online store, go through its return policy, look for trust seals, and verify the vendor’s contact details. Watch out for spelling errors in the URL, poor quality product photos, and significant price discounts.

What are the Typical Signs of Fake Online Stores?

Fake online stores usually offer products at exceedingly discounted prices, have spelling mistakes in their URLs, exhibit poor website design, and bear suspiciously pixelated images. They might also have a complicated, or even non-existent, return policy.

What to Do if You Suspect an Online Store is Fake?

If you suspect an online store is fake, refrain from making purchases or providing sensitive information. You should also report the website to your local authorities and to your bank if you have made a purchase or submitted credit card information.